First, what is VPN?
Through the network data packets and encrypted transmission of private data transmission in the public network to reach the level of security of private networks, which use the public network and build Virtal Private Network (or VPN). If the access mode for the dial-up, then called the VPDN.
IP VPN network established through public private data transmission channel, to remote branch offices, business partners, and other mobile workers connected. Reduce the burden of the enterprise remote access costs, save on phone costs and expenses, and provides a secure end to end data communications.
For many people, often heard the VPN, but do not know what VPN. VPN's English name is "Virtual Private Network", translates to "virtual private network." As the name implies, the virtual private network we can understand it as a virtual enterprise out of line. It can be encrypted by a special protocol on the connection in the Internet two or more different places within the enterprise to build a proprietary network of communication between the lines, is like a special line set up the same, but it does not the laying of cables needed to really like the physical line. This is like the bureau to apply for green, but do not give the cost of laying lines, do not buy a router and other hardware devices. VPN technology has an important technology was originally one of the router, the current switch, firewall software such as equipment or WINDOWS2000 also supports VPN functionality in a word, VPN's core is in the use of public networks to create a virtual private network. The emergence of VPN to solve the enterprises are facing a major problem, how to invest in the limited network conditions and management tools to provide high network performance. With public network service platform, VPN can provide cheap and extensive communication; same time, through the introduction of various security technologies, can guarantee the security of communications. As originally designed, VPN both the public and private networks in a number of advantages, the public network, low price, rich features and high-performance private network, combined with high security, a private network build a line of business effective solution. VPN services can significantly reduce the network as a cost, reducing the burden on enterprises to improve network efficiency and effective method to gradually replace the use of green building enterprise private network with traditional practices.
Second, VPN's classification? (VPN into which categories? VPN which can be divided into several categories?)
There are three VPN solutions, users can choose according to their own situation. These three solutions are: remote access Virtual Private Network (AccessVPN), the internal virtual network (IntranetVPN) and the extended virtual enterprise network (ExtranetVPN), respectively, these three types of VPN remote access network with the traditional, internal Intranet and enterprise networks and relevant partners in the enterprise network should be composed of relatively Extranet.
Ideal for mobile workers within the company often have a remote office situation. Business employees use VPN services provided by local ISP to connect, and the company's VPN gateway to establish a private tunnel connection. RADIUS server can authenticate and authorize staff to ensure the security of the connection at the same time greatly reduce the burden of telephone charges.
More and more companies need to be established within the country and the world a variety of offices, branch offices, research institutes, the various branches of the network connection between the traditional leased line generally. Obviously, an increase in branch offices, business development more widely, the network structure become more complex and costly. Using VPN feature set in the Internet, the worldwide Intranet VPN. Using Internet line to ensure network connectivity, and the tunnel, encryption and other VPN feature can ensure that information on the entire Intranet VPN secure transmission. Intranet VPN connection through a dedicated shared use of infrastructure, connecting corporate headquarters, remote offices and branches. Enterprises have the same policy with the private network, including security, quality of service (QoS), manageability and reliability.
With the information age, companies dealing with all kinds of information more and more attention. Hope that we can provide customers with the most efficient and convenient information services, through a variety of ways to understand customer needs, and cooperation between various enterprises, more and more, more frequent exchange of information. Internet for such a trend to provide a good foundation, and how to use the Internet for effective information management, enterprise development is a key issue in the inevitable. Using VPN technology can build secure Extranet, both to customers and partners to provide effective information services, can guarantee the security of its own internal network.
Third, VPN's role? VPN can bring us what kind of benefits?
First, it can reduce the cost of the user's network: Users only need to apply for a local ISP operators, cheap and efficient ADSL line will be able to create a common internal private network, not only communication costs than the traditional green way to apply to the telecommunications sector, significantly reduced; Second, enterprises can purchase and maintenance of communications equipment to save money.
VPN platform also can be resolved through the leadership of the company when the mobile office with the internal data exchange network in the same VPN access network with different partners, you can set different permissions they have, and then ensure that important information safe and convenient internal management .
Finally, because the VPN is encrypted, so it is safe IP address, VPN data packets in transmission in the Internet, Internet users to only see on the IP address of the public can not see the information contained in the real IP, so remote the address specified on the private network is protected.
Fourth, SSL VPN What is it?
What is SSL VPN? So to speak, SSL is the Internet, the most widely used security protocols. SSL protocol provides data privacy, endpoint authentication, message integrity and other characteristics. SSL protocol consists of many sub-agreement, of which two major sub-agreement handshake protocol and recording agreements. Handshake protocol allows the server and client "in the application protocol to transmit the first data byte before each confirmation, negotiation of a key encryption algorithm and password." During data transfer, recording protocol handshake protocol using encryption and decryption keys generated by subsequent exchange of data.
SSL independent of the application, so any application can enjoy it without regard to the security of the implementation details.
SSL exposure to network system between the transport layer and application layer. In addition, SSL itself is almost all Web browsers. This means that clients do not need to support SSL connections to install additional software. These two features can be used in SSL VPN is the key point.
Fifth, the hardware and software VPN VPN VPN comparison of the areas in which, has long been the battle for software and hardware. Supporters criticized the hardware firewall software products have problems in the security; and software firewall's supporters believe that the use of hardware products and upgrades in the very inconvenient.
VPN software programs to implement the advantages and features:
Pure software VPN products, protection of existing investments, without adding any hardware; no need to change existing applications and network architecture, to ensure the normal operation of businesses affected; support a variety of access methods (using ADSL, broadband Internet access method is more effective good), do not need to pull the DDN line or apply for a fixed IP, dynamic IP addressing to support both ends, for enterprises to save a lot of communication costs; network platform adaptability, scalability, and supports any C / S, B / S structure software; economic efficiency, easy to use, no professional maintenance; using advanced encryption algorithms to prevent data from being qie ting and tampering. Certification and authentication by password access hardware bundled access authentication, in addition to the password is correct, it must also be authorized based hardware to access. Or know the password to prevent unauthorized users access to corporate networks resignation of employees.
Hardware VPN solutions to implement the advantages and features:
Transmission mechanism as VPN encryption needs to consume system resources and affect network performance, and hardware VPN encryption and decryption will be referred to a special high-speed hardware processing, providing better performance and can provide a strong physical and logical security, and better to prevent illegal invasion, but also more simple configuration and operation. In general, the higher cost of hardware programs. However, if the network is small, selection for small and medium enterprises or small office VPN products is still very cost-effective. More products such as integrated firewall, VPN, VPN Router, cost is very high, and supports a variety of broadband access, it also provides convenient management tools to support mainstream VPN protocols, such as NETGEAR FVL328, NetScreen-50, Vigor 2300 and so on. Many VPN products also support dynamic IP address access, the ADSL connection with many small and medium enterprises, very useful.